Skip to main content
SpringerLink
Log in

Emerging from the Cloud: A Bibliometric Analysis of Cloud Forensics Studies

  • Chapter
  • First Online:
Cyber Threat Intelligence

Part of the book series: Advances in Information Security ((ADIS,volume 70))

Abstract

Emergence of cloud computing technologies have changed the way we store, retrieve, and archive our data. With the promise of unlimited, reliable and always-available storage, a lot of private and confidential data are now stored on different cloud platforms. Being such a gold mine of data, cloud platforms are among the most valuable targets for attackers. Therefore, many forensics investigators have tried to develop tools, tactics and procedures to collect, preserve, analyse and report evidences of attackers’ activities on different cloud platforms. Despite the number of published articles there isn’t a bibliometric study that presents cloud forensics research trends. This paper aims to address this problem by providing a comprehensive assessment of cloud forensics research trends between 2009 and 2016. Moreover, we provide a classification of cloud forensics process to detect the most profound research areas and highlight remaining challenges.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. “Forecast: IT Services, 2011-2017, 4Q13 Update.” [Online]. Available: https://www.gartner.com/doc/2637515/forecast-it-services-q. [Accessed: 09-Dec-2016].

  2. Cisco Public, “Cisco Global Cloud Index: Forecast and Methodology, 2015–2020,” 2016.

    Google Scholar 

  3. P. Mell and T. Grance, “The NIST Final Version of NIST Cloud Computing Definition Published,” Nist Spec. Publ., vol. 145, p. 7, 2011.

    Google Scholar 

  4. S. Bhardwaj, L. Jain, and S. Jain, “An Approach for Investigating Perspective of Cloud Software-as-a-Service (SaaS),” Int. J. Comput. Appl., vol. 10, no. 2, pp. 975–8887, 2010.

    Google Scholar 

  5. P. Mell and T. Grance, “The NIST Definition of Cloud Computing Recommendations of the National Institute of Standards and Technology,” Natl. Inst. Stand. Technol. Inf. Technol. Lab., vol. 145, p. 7, 2011.

    Google Scholar 

  6. J. Dykstra and A. T. Sherman, “Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques,” Digit. Investig., vol. 9, no. S, pp. S90–S98, Aug. 2012.

    Google Scholar 

  7. N. Gupta, B. Tech, B. Chauhan, T. Anand, and C. Dewan, “Cloud Computing: Comparison with Previous Technique and Research Challenges,” Int. J. Comput. Appl., vol. 85, no. 8, pp. 975–8887, 2014.

    Google Scholar 

  8. K. Weins, “Cloud Computing Trends: 2016 State of the Cloud Survey,” 2016.

    Google Scholar 

  9. A. Hutchings, R. G. Smith, and L. James, “Criminals in the Cloud: Crime, Security Threats, and Prevention Measures,” in Cybercrime Risks and Responses, London: Palgrave Macmillan UK, 2015, pp. 146–162.

    Google Scholar 

  10. “Cybercrime Now Surpasses Traditional Crime In UK.” [Online]. Available: http://www.darkreading.com/threat-intelligence/cybercrime-now-surpasses-traditional-crime-in-uk/d/d-id/1326208. [Accessed: 12-Dec-2016].

  11. K. Ruan, J. Carthy, T. Kechadi, and M. Crosbie, “Cloud forensics,” Advances in Digital Forensics VII, IFIP Advances in Information and Communication Technology, vol. 361. pp. 35–46, 2011.

    Google Scholar 

  12. M. Al Fahdi, N. L. Clarke, and S. M. Furnell, “Challenges to digital forensics: A survey of researchers & practitioners attitudes and opinions,” in 2013 Information Security for South Africa - Proceedings of the ISSA 2013 Conference, 2013.

    Google Scholar 

  13. A. T. Dykstra, Josiah; Sherman, “UNDERSTANDING ISSUES IN CLOUD FORENSICS: TWO HYPOTHETICAL CASE STUDIES - ProQuest,” Proc. Conf. Digit. Forensics, Secur. Law, no. 45, pp. 1–10, 2011.

    Google Scholar 

  14. S. Alqahtany, N. Clarke, S. Furnell, and C. Reich, “A forensic acquisition and analysis system for IaaS,” Clust. Comput. J. NETWORKS Softw. TOOLS Appl., vol. 19, no. 1, pp. 439–453, Mar. 2016.

    Google Scholar 

  15. “Forensic Toolkit (FTK).” [Online]. Available: http://accessdata.com/products-services/forensic-toolkit-ftk. [Accessed: 13-Jul-2017].

  16. “EnCase Endpoint Investigator - Remote Digital Investigation Solution.” [Online]. Available: https://www.guidancesoftware.com/encase-endpoint-investigator. [Accessed: 13-Jul-2017].

  17. “Snort - Network Intrusion Detection & Prevention System.” [Online]. Available: https://www.snort.org/. [Accessed: 13-Jul-2017].

  18. J. Dykstra and A. T. Sherman, “Design and implementation of FROST: Digital forensic tools for the OpenStack cloud computing platform,” in Digital Investigation, 2013, vol. 10, no. SUPPL.

    Google Scholar 

  19. E. Bursztein, I. Fontarensky, M. Martin, and J.-M. Picod, “Beyond files recovery OWADE cloud-based forensic.” BlackHat, 2011.

    Google Scholar 

  20. Amazon Web Services, “AWS CloudTrail : User Guide,” 2016.

    Google Scholar 

  21. G. Combs, “Wireshark · Go Deep.,” 2017. [Online]. Available: https://www.wireshark.org/. [Accessed: 29-May-2017].

  22. “The Sleuth Kit.” [Online]. Available: http://www.sleuthkit.org/sleuthkit/. [Accessed: 13-Jul-2017].

  23. “Software for Computer Forensics, Data Recovery, and IT Security.” [Online]. Available: http://www.x-ways.net/. [Accessed: 13-Jul-2017].

  24. “EnCase eDiscovery- Litigation Hold Management & Digital Forensics.” [Online]. Available: https://www.guidancesoftware.com/encase-ediscovery. [Accessed: 13-Jul-2017].

  25. B. Martini and K.-K. R. Choo, “An integrated conceptual digital forensic framework for cloud computing,” Digit. Investig., vol. 9, no. 2, pp. 71–80, Nov. 2012.

    Google Scholar 

  26. N. H. Ab Rahman, N. D. W. Cahyani, and K. K. R. Choo, “Cloud incident handling and forensic-by-design: Cloud storage as a case study,” Concurrency Computation , 2016.

    Google Scholar 

  27. D. Quick and K.-K. R. Choo, “Dropbox analysis: Data remnants on user machines,” Digit. Investig., vol. 10, no. 1, pp. 3–18, Jun. 2013.

    Google Scholar 

  28. F. Daryabar, A. Dehghantanha, and K.-K. R. Choo, “Cloud storage forensics: MEGA as a case study,” Aust. J. Forensic Sci., vol. 618, no. July, pp. 1–14, 2016.

    Google Scholar 

  29. F. Daryabar et al., “Forensic investigation of OneDrive, Box, GoogleDrive and Dropbox applications on Android and iOS devices,” Aust. J. Forensic Sci., vol. 48, no. 1, pp. 1–28, 2016.

    Google Scholar 

  30. R. Shariati, Mohammad; Dehghantanha, Ali; Choo, “SugarSync Forensic Analysis,” Res. Artic., p. 28, 2014.

    Google Scholar 

  31. T. Dargahi, A. Dehghantanha, and M. Conti, “Chapter 12 – Investigating Storage as a Service Cloud Platform: pCloud as a Case Study,” in Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, 2017, pp. 185–204.

    Google Scholar 

  32. S. H. Mohtasebi, A. Dehghantanha, and K.-K. R. Choo, “Chapter 13 – Cloud Storage Forensics: Analysis of Data Remnants on SpiderOak, JustCloud, and pCloud,” in Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, 2017, pp. 205–246.

    Google Scholar 

  33. A. Dehghantanha and T. Dargahi, “Chapter 14 – Residual Cloud Forensics: CloudMe and 360Yunpan as Case Studies,” in Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, 2017, pp. 247–283.

    Google Scholar 

  34. B. Blakeley, C. Cooney, A. Dehghantanha, and R. Aspin, “Cloud Storage Forensic: hubiC as a Case-Study,” in 2015 IEEE 7TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE (CLOUDCOM), 2015, pp. 536–541.

    Google Scholar 

  35. Y.-Y. Teing, D. Ali, K. Choo, M. T. Abdullah, and Z. Muda, “Greening Cloud-Enabled Big Data Storage Forensics: Syncany as a Case Study,” IEEE Trans. Sustain. Comput., pp. 1–1, 2017.

    Google Scholar 

  36. Y.-Y. Teing, A. Dehghantanha, K.-K. R. Choo, and L. T. Yang, “Forensic investigation of P2P cloud storage services and backbone for IoT networks: BitTorrent Sync as a case study,” Comput. Electr. Eng., 2016.

    Google Scholar 

  37. Y.-Y. Teing, A. Dehghantanha, K.-K. R. Choo, T. Dargahi, and M. Conti, “Forensic Investigation of Cooperative Storage Cloud Service: Symform as a Case Study,” J. Forensic Sci., Nov. 2016.

    Google Scholar 

  38. S. A. Almulla, Y. Iraqi, and A. Jones, “A State-of-the-Art Review of Cloud Forensics,” J. Digit. Forensics, Secur. Law, vol. 9, no. 4, pp. 7–28, 2014.

    Google Scholar 

  39. G. E. Derrick, A. Haynes, S. Chapman, and W. D. Hall, “The Association between Four Citation Metrics and Peer Rankings of Research Influence of Australian Researchers in Six Fields of Public Health,” PLoS One, vol. 6, no. 4, 2011.

    Google Scholar 

  40. E. Garfield, “The History and Meaning of the Journal Impact Factor,” J. Am. Med. Assoc., vol. 19104, no. 1, pp. 90–93, 2006.

    Google Scholar 

  41. “A New Dimension in Documentation through Association of Ideas.” [Online]. Available: http://www.garfield.library.upenn.edu/papers/science_v122v3159p108y1955.html. [Accessed: 09-Dec-2016].

  42. L. I. Meho and K. Yang, “Impact of data sources on citation counts and rankings of LIS faculty: Web of science versus scopus and google scholar,” J. Am. Soc. Inf. Sci. Technol., vol. 58, no. 13, pp. 2105–2125, 2007.

    Google Scholar 

  43. G. Ict and S. March, “Government Cloud Strategy,” no. March, 2011.

    Google Scholar 

  44. M. Metheny, “Federal Cloud Computing,” Fed. Cloud Comput., pp. 71–102, 2013.

    Google Scholar 

  45. H. Small, “Visualizing science by citation mapping,” J. Am. Soc. Inf. Sci., vol. 50, no. 9, pp. 799–813, 1999.

    Google Scholar 

  46. M. F. A. Razak, N. B. Anuar, R. Salleh, and A. Firdaus, “The rise of malware: Bibliometric analysis of malware study,” Journal of Network and Computer Applications, vol. 75. pp. 58–76, 2016.

    Google Scholar 

  47. L. Bornmann and H.-D. Daniel, What do citation counts measure? A review of studies on citing behavior, vol. 64, no. 1. 2008.

    Google Scholar 

  48. J. E. Hirsch, “Does the H index have predictive power?,” Proc. Natl. Acad. Sci. U. S. A., vol. 104, no. 49, pp. 19193–8, 2007.

    Google Scholar 

  49. E. Garfield, “Can Citation Indexing be Automated?,” Stat. Assoc . Methods Mech. Doc., vol. 269, pp. 84–90, 1964.

    Google Scholar 

  50. X. Wu, X. Chen, F. B. Zhan, and S. Hong, “Global research trends in landslides during 1991???2014: a bibliometric analysis,” Landslides, vol. 12, no. 6, pp. 1215–1226, 2015.

    Google Scholar 

  51. K. Choo, “Cloud computing: challenges and future directions,” Trends Issues Crime Crim. Justice, no. 400, pp. 1–6, 2010.

    Google Scholar 

  52. J. J. Shah and L. G. Malik, “Cloud Forensics: Issues and Challenges,” in 2013 Sixth International Conference on Emerging Trends in Engineering and Technology (ICETET 2013), 2013, pp. 138–139.

    Google Scholar 

  53. D. Birk and C. Wegener, “Technical Issues of Forensic Investigations in Cloud Computing Environments,” 2011 Sixth IEEE Int. Work. Syst. Approaches to Digit. Forensic Eng., pp. 1–10, 2011.

    Google Scholar 

  54. M. Damshenas, A. Dehghantanha, R. Mahmoud, and S. Bin Shamsuddin, “Forensics investigation challenges in cloud computing environments,” in Proceedings 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic, CyberSec 2012, 2012, pp. 190–194.

    Google Scholar 

  55. N. Raza, “Challenges to network forensics in cloud computing,” in Proceedings - 2015 Conference on Information Assurance and Cyber Security, CIACS 2015, 2016, pp. 22–29.

    Google Scholar 

  56. A. Butler and K. Choo, “IT standards and guides do not adequately prepare IT practitioners to appear as expert witnesses: An Australian perspective,” Secur. J., pp. 1–20, 2013.

    Google Scholar 

  57. D. Quick, B. Martini, and K.-K. R. Choo, “Cloud Storage Forensics,” Cloud Storage Forensics, no. October, pp. 13–21, 2014.

    Google Scholar 

  58. S. Ahmed and M. Y. A. Raja, “Tackling cloud security issues and forensics model,” in 7th International Symposium on High-Capacity Optical Networks and Enabling Technologies, HONET 2010, 2010, pp. 190–195.

    Google Scholar 

  59. G. Grispos, T. Storer, and W. Glisson, “Calm before the storm: the challenges of cloud computing in digital forensics,” Int. J. Digit. Crime Forensics, vol. 4, no. 2, pp. 28–48, 2012.

    Google Scholar 

  60. D. Reilly, C. Wren, and T. Berry, “Cloud computing: Forensic challenges for law enforcement,” Internet Technol. Secur. Trans. (ICITST), 2010 Int. Conf., pp. 1–7, 2010.

    Google Scholar 

  61. Mauro Conti, Ali Dehghantanha, Katrin Franke, Steve Watson, “Internet of Things Security and Forensics: Challenges and Opportunities”, Future Generation Computer Systems Journal, DoI: https://doi.org/10.1016/j.future.2017.07.060, 2017

  62. Hamed HaddadPajouh, Ali Dehghantanha, Raouf Khayami, and Kim-Kwang Raymond Choo, “Intelligent OS X Malware Threat Detection”, Journal of Computer Virology and Hacking Techniques, 2017

    Google Scholar 

  63. Amin Azmoodeh, Ali Dehghantanha, Mauro Conti, Raymond Choo, “Detecting Crypto-Ransomware in IoT Networks Based On Energy Consumption Footprint”, Journal of Ambient Intelligence and Humanized Computing, DOI: 10.1007/s12652-017-0558-5, 2017

    Google Scholar 

  64. Amin Azmoudeh, Ali Dehghantanha and Kim-Kwang Raymond Choo, “Robust Malware Detection for Internet Of (Battlefield) Things Devices Using Deep Eigenspace Learning”, IEEE Transactions on Sustainable Computing, 2017

    Google Scholar 

  65. Dennis Kiwia, Ali Dehghantanha, Kim-Kwang Raymond Choo, Jim Slaughter, "A Cyber Kill Chain Based Taxonomy of Banking Trojans for Evolutionary Computational Intelligence", Journal of Computational Science, 2017

    Google Scholar 

  66. Sajad Homayoun, Ali Dehghantanha, Marzieh Ahmadzadeh, Sattar Hashemi, Raouf Khayami, "Know Abnormal, Find Evil: Frequent Pattern Mining for Ransomware Threat Hunting and Intelligence", IEEE Transactions on Emerging Topics in Computing, 2017 - DOI: 10.1109/TETC.2017.2756908

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing, Science and Engineering, University of Salford, Manchester, UK

    James Baldwin, Omar M. K. Alhawi, Simone Shaughnessy & Alex Akinbi

  2. Department of Computer Science, University of Sheffield, Sheffield, UK

    Ali Dehghantanha

Authors
  1. James Baldwin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Omar M. K. Alhawi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Simone Shaughnessy
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Alex Akinbi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Ali Dehghantanha
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ali Dehghantanha .

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Sheffield, Sheffield, United Kingdom

    Ali Dehghantanha

  2. Department of Mathematics, University of Padua, Padua, Italy

    Mauro Conti

  3. Department of Computer Science, University of Salford, Manchester, United Kingdom

    Tooska Dargahi

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Baldwin, J., Alhawi, O.M.K., Shaughnessy, S., Akinbi, A., Dehghantanha, A. (2018). Emerging from the Cloud: A Bibliometric Analysis of Cloud Forensics Studies. In: Dehghantanha, A., Conti, M., Dargahi, T. (eds) Cyber Threat Intelligence. Advances in Information Security, vol 70. Springer, Cham. https://doi.org/10.1007/978-3-319-73951-9_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-73951-9_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-73950-2

  • Online ISBN: 978-3-319-73951-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation